EP1855414B1 - System und Verfahren zum fernbedienten Zurücksetzen von Kennwort und kryptografischem Schlüssel - Google Patents
System und Verfahren zum fernbedienten Zurücksetzen von Kennwort und kryptografischem Schlüssel Download PDFInfo
- Publication number
- EP1855414B1 EP1855414B1 EP06113904A EP06113904A EP1855414B1 EP 1855414 B1 EP1855414 B1 EP 1855414B1 EP 06113904 A EP06113904 A EP 06113904A EP 06113904 A EP06113904 A EP 06113904A EP 1855414 B1 EP1855414 B1 EP 1855414B1
- Authority
- EP
- European Patent Office
- Prior art keywords
- key
- content protection
- storage device
- data storage
- password
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 74
- 238000013500 data storage Methods 0.000 claims abstract description 109
- 238000010295 mobile communication Methods 0.000 claims description 7
- 230000001419 dependent effect Effects 0.000 claims description 4
- 238000004891 communication Methods 0.000 description 61
- 230000006870 function Effects 0.000 description 21
- 238000004422 calculation algorithm Methods 0.000 description 10
- 238000006243 chemical reaction Methods 0.000 description 5
- 230000002085 persistent effect Effects 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 230000003321 amplification Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000001914 filtration Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000003199 nucleic acid amplification method Methods 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- IRLPACMLTUPBCL-KQYNXXCUSA-N 5'-adenylyl sulfate Chemical compound C1=NC=2C(N)=NC=NC=2N1[C@@H]1O[C@H](COP(O)(=O)OS(O)(=O)=O)[C@@H](O)[C@H]1O IRLPACMLTUPBCL-KQYNXXCUSA-N 0.000 description 1
- 230000004913 activation Effects 0.000 description 1
- 230000003190 augmentative effect Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000006378 damage Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000011084 recovery Methods 0.000 description 1
- 230000000717 retained effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2131—Lost password, e.g. recovery of lost or forgotten passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
Definitions
- the present invention relates generally to the field of computer and network security, and in particular to password administration.
- Data stored in the memory of a communication and/or computing device may be secured by encrypting using a content protection key.
- This key is preferably protected by, or derived in part from, a user-entered password, PIN, or other piece of user-supplied data. This is one means to ensure that sensitive data stored on the communication device is accessible only by a designated user.
- the resetting procedure may be invoked remotely from another device in communication with the user's device, for example from a server located on the same network as the user's device.
- the content protection key cannot be recovered without the existing user password. If the user cannot recall the existing password, the protected data is rendered inaccessible.
- US-A-5768373 discloses a method of providing access to data when a user has forgotten a password. In this arrangement, a "one time" private/public key pair is provided. The user then has to go through further authentication steps before access to the data is permitted.
- EP-A-1079565 is directed to a means of securing a communication link between a server and client by providing a shared key to prevent a man-in-the-middle attack. This enables data to be recovered even if the password is lost.
- a data storage device for storing encrypted data, the data storage device being adapted to allow access to data storage device operations upon successful entry of a password, the data storage device comprising:
- a data storage device for storing encrypted data, the data storage device being adapted to allow access to data storage device operations upon successful entry of a password, the data storage device comprising:
- the invention also provides a computer-readable medium comprising code executable by a computing device for carrying out any of the methods described above.
- FIG. 1 an overview of an exemplary communication system for use with the embodiments described below is shown.
- One skilled in the art will appreciate that there may be many different topologies, but the system shown in Figure 1 helps demonstrate the operation of the systems and methods described in the present application.
- Figure 1 shows first communication device, here a personal computer 10, a network, here the Internet 20, a server system 40, a wireless gateway 85, wireless infrastructure 90, a wireless network 105 and a second communication device, here a mobile communication device 100.
- the devices referred to herein as communication devices or data storage devices may comprise devices whose main function is directed to data or voice communication over a network and data storage, but may also be provided with personal or productivity applications, or devices whose main function is directed to computing or executing productivity applications, but are also adapted to enable a user to communicate over a network.
- a personal computer 10 may, for example, be connected to an ISP (Internet Service Provider) on which a user of the system has an account, located within a company, possibly connected to a local area network (LAN), and connected to the Internet 20, or connected to the Internet 20 through a large ASP (application service provider).
- ISP Internet Service Provider
- LAN local area network
- ASP application service provider
- the wireless gateway 85 and infrastructure 90 provide a link between the Internet 20 and wireless network 105.
- the wireless infrastructure 90 determines the most likely network for locating a given user and tracks the user as they roam between countries or networks.
- Messages and other data may be delivered to the mobile device 100 via wireless transmission, typically at a radio frequency (RF), from a base station in the wireless network 105 to the mobile device 100.
- RF radio frequency
- the particular network 105 may be any wireless network over which messages may be exchanged with a mobile communication device.
- the mobile device 100 may also receive data by other means, for example through a direct connection to a port provided on the mobile device 100, such as a Universal Serial Bus (USB) link.
- USB Universal Serial Bus
- the server 40 may be implemented, for example, on a network computer within the firewall of a corporation, a computer within an ISP or ASP system or the like.
- the server 40 may act as the application, network access, and/or file server for one or more communication devices.
- the mobile device 100 if it is configured for receiving and possibly sending e-mail, will normally be associated with an account on the server 40.
- the software products and other components that are often used in conjunction with the functions of the server 40 described herein are not shown in Figure 1 , as they do not directly play a role in the system and method described below.
- the server 40 may support either a so-called “pull” or “push” message access scheme, wherein the mobile device 100 must request that stored messages be forwarded by the message server to the mobile device 100, or the server 40 may be provided with means for automatically redirecting messages addressed to the user of the mobile device 100 as they are received, respectively.
- the server 40 may be used to provide administrative functions for the communication devices 10 and 100, for example by establishing and transmitting information technology (IT) policies.
- IT information technology
- administrator access is provided at the server 40 for resetting device passwords, although the system and method described herein may be implemented from another device on the network, if such administrator-level access is provided at the other device.
- Data stored in a memory in the mobile device 100 or the other communication device 10, such as user- or administrator-provided content or encryption keys, may be secured in part by means of a user-entered password, PIN, or similar access control method.
- Content may include electronic messages, personal information, or other data caused to be entered or created by the user of the device 100 or 10.
- Suitable access control methods may include increasing security by providing a smart card reader for accessing security data from a smart card in the user's possession upon a request issued by the mobile device 100 or other communication device 10. Such security mechanisms prevent an unauthorized user from obtaining access to the data via the user interface provided by the device.
- a user-entered password is not the sole means by which content on the device 100 or 10 is secured. Rather, the password, using methods known in the art, is used alone or in conjunction with other encryption data to secure another key, such as a content protection key or a content protection bulk key K, that is used in turn to encrypt data.
- the content protection key K itself may be an Advanced Encryption Standard (AES) cryptographic key with a 128, 192, or 256 bit length, or another key for use with encryption software in accordance with another standard.
- AES Advanced Encryption Standard
- other encryption standards may be used to define the nature of the content protection key K, although preferably a symmetric block cipher method is used.
- the content protection key K may not be used directly to convert data into ciphertext; instead, the device 100 or 10 may be configured to use the content protection key K to generate one or more further content encryption keys for encrypting and/or decrypting data stored on the device 100 or 10. However, preferably neither the content protection key K nor any further keys derived from the key K are stored in the clear in the memory of the communication device 100 or 10.
- the password may be used to encrypt the content protection key K, and the encrypted content protection key K may be stored in the non-volatile memory of the device 100 or 10.
- the non-volatile memory is discussed below with reference to Figure 4 .
- the user is prompted to enter a password.
- the entered password may be compared with a password stored in the memory of the communication device 100 or 10.
- the password itself is not stored in the clear on the device; rather, a hash (or some other function) of the password entered by the user is compared to a hash (or some other function) of the password stored in memory.
- the user is authenticated and the entered password may be stored in volatile memory, also described below with reference to Figure 4 , on the device 100 or 10.
- the password may be stored in volatile memory for the duration of a user session, which may be terminated by "logging off” the device, suspending operations of the device 100 or 10 by placing the device in a standby mode, powering off the device 100 or 10 or otherwise disconnecting a power supply from the volatile memory, or in accordance with other IT policies, for example by erasing the password from volatile memory after a set period of time or immediately after user authentication.
- the device 100 or 10 determines that an encryption key is required for converting the data to be protected to ciphertext, it accesses the encrypted content protection key K and decrypts the key using the password stored in volatile memory.
- the decrypted content protection key K is stored in volatile memory and is used to either encrypt the data to be protected and stored, or to generate further encryption keys for encrypting the data to be protected and stored.
- the content protection key K is used, it may be deleted from volatile memory after the data is encrypted.
- the device 100 or 10 again accesses the encrypted content protection key K , decrypts it and stores it in volatile memory, then either decrypts the required data by using the key K directly or by deriving the necessary further keys to decrypt the data. After the key K has been used, it is again deleted from volatile memory.
- the content protection key K is thus only stored in the clear in volatile memory on a transitory basis.
- the content protection key K may be retained in volatile memory until the user session is terminated.
- the communication device 100 or 10 may be connected to a network such as that described in Figure 1 , and may be provided with IT policies relating to content protection. Preferably, some security policies and features on the device 100 or 10 may be controlled from a remote location on the network, for example from the server 40. This is particularly useful in the event that a user forgets his or her password for accessing the device 100 or 10, as an administrator or other person with sufficient privileges may force a password reset on the device 100 or 10 over the network.
- the content protection key K is re-established by the device 100 or 10 using information provided by the server 40 as follows, with reference to Figure 2 .
- the resetting device When a content protection key K is established for a data storage device such as the communications device 100 or 10, the resetting device, such as the server 40, first selects or generates a private key b at step 205.
- the private key b is preferably generated as a random or pseudo-random number and is appropriate for use in an elliptic curve cryptography algorithm, for example in accordance with an encryption algorithm approved by the National Institute of Standards and Technology (NIST). However, any alternate asymmetric key cryptography algorithm may be employed.
- NIST National Institute of Standards and Technology
- an elliptic curve cryptography algorithm is used, and most preferably at least a 521-bit key is used and the elliptic curve used has a cofactor of 1.
- b may be encrypted itself using means known in the art, and stored as ciphertext.
- the result B is transmitted to the communications device 100 or 10.
- the server 40 and the device 100 or 10 may agree to a selected encryption algorithm, or alternatively an encryption algorithm may have been previously set by the IT policies between the server 40 to the device 100 or 10.
- the content protection key K is then encrypted with the key encryption key L at step 260, and this encrypted version of K, enc(K) 1 , is stored on the device.
- the content protection key K is also encrypted with the user password, and this second encrypted version of K, enc(K) 2 , is also stored on the device.
- This second encryption step is indicated in Figure 2 at step 255, prior to the encryption of K by L at step 260; however, those skilled in the art will appreciate that these encryption steps may occur in reverse order.
- the password itself is provided to or by the device 100 or 10 at step 200, for example by the user or by some other means known in the art; the device itself may be configured to generate a password and provide the password to the user.
- Any unencrypted copies of K and d are destroyed by the device at step 265.
- the content protection key K is stored in two ciphertext forms on the device, and is preferably not stored anywhere else.
- the device 100 or 10 and the server 40 may also destroy B .
- the content protection key K may be recovered in one of two ways.
- the user may provide the user password in order to log in to or unlock the device, and the device may use the password to decrypt the second encrypted version of K, enc(K) 2 , stored on the device.
- the password is no longer available to decrypt the content protection key K , for example if the user cannot recall the password, a procedure such as that illustrated in Figure 3 may be followed.
- a user or administrator at the server 40 may select or generate a new password at step 305.
- the server 40 requests the public key from the device 100 or 10 at step 310.
- the device 100 or 10 thus derives the original content protection key K , and may use K to decrypt any secure content stored at the device 100 or 10.
- the existing content protection key K is destroyed at step 375, and a new content protection key, K' , is generated at step 380 to re-encrypt the content to be secured on the device 100 or 10.
- This new content protection key K' is preferably protected in a manner similar to that described in relation to Figure 2 ; preferably, the server initiates this protection by generating a new private key b as in step 205 in Figure 2 , and then proceeding with the subsequent steps to result in a new key encryption key M; the new password, transmitted at step 350 in Figure 3 , would be used in step 200 in Figure 2 .
- the server 40 may generate a new private key b 1 and derive a new public key B 1 from b 1 and a generating point P 1 , which may be the same generating point P as that used previously.
- the resetting device may immediately provide the new password selected at step 305 as part of a reset password command at step 385 without requesting the device's public key, thereby bypassing steps 310 and 315 in Figure 3 . If the device is unable to immediately reset the password to the new value because content protection is enabled and K is stored only in encrypted form as determined at step 390, the device may reply with the blinded public key D' , thereby indicating to the server that the key recovery protocol should be initiated. The rest of the protocol may proceed as described as above, with the server optionally providing the new password a second time at step 350.
- the key encryption key L may be used to encrypt the user password instead of encrypting the content protection K directly.
- both the password encrypted with L and the content protection key K encrypted with the password, or in other words enc(K) 2 are stored on the device. If the password is no longer available, the procedure in Figure 3 may be carried out, except that once the key encryption key L has been recovered at step 365, it may be used to first decrypt the user password, and then the user password may be used to decrypt the encrypted content protection key enc(K) 2 .
- the content protection key K is thus secured against a hardware-based attack. While the server 40 stores information useful for the reconstruction of the key encryption key L , a malicious user with access to the server 40 but not the device 100 or 10 will be unable to reconstruct L from the private key b alone. The reconstruction process further shields the protected content from a malicious user at the server 40, since public key D is not transmitted to the server 40; only the key D' , which is a blinded version of D , is transmitted to the server 40 such that the server 40 remains unable to compute L . It can be seen that the method of resetting a password that is used to encrypt a content protection key K , as illustrated in Figure 3 , provides a means for retrieving and re-encrypting data stored on the device 100 or 10.
- the systems and methods disclosed herein may be used with many different computers and devices, such as a wireless mobile communications device shown in Figure 4 .
- the mobile device 100 is a dual-mode mobile device and includes a transceiver 411, a microprocessor 438, a display 422, non-volatile memory 424, random access memory (RAM) 426, one or more auxiliary input/output (I/O) devices 428, a serial port 430, a keyboard 432, a speaker 434, a microphone 436, a short-range wireless communications sub-system 440, and other device sub-systems 442.
- the transceiver 411 includes a receiver 412, a transmitter 414, antennas 416 and 418, one or more local oscillators 413, and a digital signal processor (DSP) 420.
- the antennas 416 and 418 may be antenna elements of a multiple-element antenna, and are preferably embedded antennas. However, the systems and methods described herein are in no way restricted to a particular type of antenna, or even to wireless communication devices.
- the mobile device 100 is preferably a two-way communication device having voice and data communication capabilities.
- the mobile device 100 may communicate over a voice network, such as any of the analog or digital cellular networks, and may also communicate over a data network.
- the voice and data networks are depicted in Figure 4 by the communication tower 419. These voice and data networks may be separate communication networks using separate infrastructure, such as base stations, network controllers, etc., or they may be integrated into a single wireless network.
- the transceiver 411 is used to communicate with the network 319, and includes the receiver 412, the transmitter 414, the one or more local oscillators 313 and the DSP 320.
- the DSP 320 is used to send and receive signals to and from the transceivers 416 and 418, and also provides control information to the receiver 412 and the transmitter 414. If the voice and data communications occur at a single frequency, or closely-spaced sets of frequencies, then a single local oscillator 413 may be used in conjunction with the receiver 412 and the transmitter 414. Alternatively, if different frequencies are utilized for voice communications versus data communications for example, then a plurality of local oscillators 413 can be used to generate a plurality of frequencies corresponding to the voice and data networks 419. Information, which includes both voice and data information, is communicated to and from the transceiver 311 via a link between the DSP 420 and the microprocessor 438.
- transceiver 411 such as frequency band, component selection, power level, etc.
- the detailed design of the transceiver 411 will be dependent upon the communication network 419 in which the mobile device 100 is intended to operate.
- a mobile device 100 intended to operate in a North American market may include a transceiver 411 designed to operate with any of a variety of voice communication networks, such as the Mobitex or DataTAC mobile data communication networks, AMPS, TDMA, CDMA, PCS, etc., whereas a mobile device 100 intended for use in Europe may be configured to operate with the GPRS data communication network and the GSM voice communication network.
- voice communication networks such as the Mobitex or DataTAC mobile data communication networks, AMPS, TDMA, CDMA, PCS, etc.
- a mobile device 100 intended for use in Europe may be configured to operate with the GPRS data communication network and the GSM voice communication network.
- Other types of data and voice networks, both separate and integrated, may also be utilized with a mobile device 100.
- the access requirements for the mobile device 100 may also vary.
- mobile devices are registered on the network using a unique identification number associated with each mobile device.
- network access is associated with a subscriber or user of a mobile device.
- a GPRS device typically requires a subscriber identity module (“SIM”), which is required in order to operate a mobile device on a GPRS network.
- SIM subscriber identity module
- Local or non-network communication functions may be operable, without the SIM device, but a mobile device will be unable to carry out any functions involving communications over the data network 319, other than any legally required operations, such as '911' emergency calling.
- the mobile device 100 may the send and receive communication signals, including both voice and data signals, over the networks 419.
- Signals received by the antenna 416 from the communication network 419 are routed to the receiver 412, which provides for signal amplification, frequency down conversion, filtering, channel selection, etc., and may also provide analog to digital conversion. Analog to digital conversion of the received signal allows more complex communication functions, such as digital demodulation and decoding to be performed using the DSP 420.
- signals to be transmitted to the network 419 are processed, including modulation and encoding, for example, by the DSP 420 and are then provided to the transmitter 414 for digital to analog conversion, frequency up conversion, filtering, amplification and transmission to the communication network 419 via the antenna 418.
- the DSP 420 also provides for transceiver control.
- the gain levels applied to communication signals in the receiver 412 and the transmitter 414 may be adaptively controlled through automatic gain control algorithms implemented in the DSP 420.
- Other transceiver control algorithms could also be implemented in the DSP 420 in order to provide more sophisticated control of the transceiver 411.
- the microprocessor 438 preferably manages and controls the overall operation of the mobile device 100. Many types of microprocessors or microcontrollers could be used here, or, alternatively, a single DSP 420 could be used to carry out the functions of the microprocessor 438. Low-level communication functions, including at least data and voice communications, are performed through the DSP 420 in the transceiver 411. Other, high-level communication applications, such as a voice communication application 424A, and a data communication application 424B may be stored in the non-volatile memory 424 for execution by the microprocessor 438.
- the voice communication module 424A may provide a high-level user interface operable to transmit and receive voice calls between the mobile device 100 and a plurality of other voice or dual-mode devices via the network 419.
- the data communication module 424B may provide a high-level user interface operable for sending and receiving data, such as e-mail messages, files, organizer information, short text messages, etc., between the mobile device 100 and a plurality of other data devices via the networks 419.
- the microprocessor 438 also interacts with other device subsystems, such as the display 422, the RAM 426, the auxiliary input/output (I/O) subsystems 428, the serial port 430, the keyboard 432, the speaker 434, the microphone 436, the short-range communications subsystem 440 and any other device subsystems generally designated as 442.
- other device subsystems such as the display 422, the RAM 426, the auxiliary input/output (I/O) subsystems 428, the serial port 430, the keyboard 432, the speaker 434, the microphone 436, the short-range communications subsystem 440 and any other device subsystems generally designated as 442.
- Some of the subsystems shown in Figure 4 perform communication-related functions, whereas other subsystems may provide "resident" or on-device functions.
- some subsystems, such as the keyboard 432 and the display 422 may be used for both communication-related functions, such as entering a text message for transmission over a data communication network, and device-resident functions such as a calculator or task list or other PDA type functions.
- Non-volatile memory 424 Operating system software used by the microprocessor 438 is preferably stored in a persistent store such as non-volatile memory 424.
- the non-volatile memory 424 may be implemented, for example, as a Flash memory component, or as battery backed-up RAM.
- the non-volatile memory 424 includes a plurality of software modules 424A-424N that can be executed by the microprocessor 438 (and/or the DSP 420), including a voice communication module 424A, a data communication module 424B, and a plurality of other operational modules 424N for carrying out a plurality of other functions.
- These modules are executed by the microprocessor 438 and provide a high-level interface between a user and the mobile device 100.
- This interface typically includes a graphical component provided through the display 422, and an input/output component provided through the auxiliary I/O 428, keyboard 432, speaker 434, and microphone 436.
- the operating system, specific device applications or modules, or parts thereof, may be temporarily loaded into a volatile store, such as RAM 426 for faster operation.
- received communication signals may also be temporarily stored to RAM 426, before permanently writing them to a file system located in a persistent store such as the Flash memory 424.
- the non-volatile memory 424 preferably provides a file system to facilitate storage of PIM data items on the device.
- the PIM application preferably includes the ability to send and receive data items, either by itself, or in conjunction with the voice and data communication modules 424A, 424B, via the wireless networks 419.
- the PIM data items are preferably seamlessly integrated, synchronized and updated, via the wireless networks 419, with a corresponding set of data items stored or associated with a host computer system, thereby creating a mirrored system for data items associated with a particular user.
- Context objects representing at least partially decoded data items, as well as fully decoded data items, are preferably stored on the mobile device 100 in a volatile and non-persistent store such as the RAM 426.
- a volatile and non-persistent store such as the RAM 426.
- Such information may instead be stored in the non-volatile memory 424, for example, when storage intervals are relatively short, such that the information is removed from memory soon after it is stored.
- storage of this information in the RAM 426 or another volatile and non-persistent store is preferred, in order to ensure that the information is erased from memory when the mobile device 100 loses power. This prevents an unauthorized party from obtaining any stored decoded or partially decoded information by removing a memory chip from the mobile device 100, for example.
- the mobile device 100 may be manually synchronized with a host system by placing the device 100 in an interface cradle, which couples the serial port 430 of the mobile device 100 to the serial port of a computer system or device.
- the serial port 430 may also be used to enable a user to set preferences through an external device or software application, or to download other application modules 324N for installation.
- This wired download path may be used to load an encryption key onto the device, which is a more secure method than exchanging encryption information via the wireless network 419.
- the methods described in relation to Figures 2 and 3 may be carried out with a mobile communication device 100 over either the wired path or a wireless network. Interfaces for other wired download paths may be provided in the mobile device 100, in addition to or instead of the serial port 430.
- a USB port would provide an interface to a similarly equipped personal computer.
- a short-range communications subsystem 440 is also included in the mobile device 100.
- the subsystem 440 may include an infrared device and associated circuits and components, or a short-range RF communication module such as a Bluetooth® module or an 802.11 module, for example, to provide for communication with similarly-enabled systems and devices.
- a short-range RF communication module such as a Bluetooth® module or an 802.11 module, for example, to provide for communication with similarly-enabled systems and devices.
- Bluetooth and “802.11” refer to sets of specifications, available from the Institute of Electrical and Electronics Engineers, relating to wireless personal area networks and wireless local area networks, respectively.
- the systems' and methods' data may be stored in one or more data stores.
- the data stores can be of many different types of storage devices and programming constructs, such as RAM, ROM, Flash memory, programming data structures, programming variables, etc. It is noted that data structures describe formats for use in organizing and storing data in databases, programs, memory, or other computer-readable media for use by a computer program.
- Code adapted to provide the systems and methods described above may be provided on many different types of computer-readable media including computer storage mechanisms (e.g., CD-ROM, diskette, RAM, flash memory, computer's hard drive, etc.) that contain instructions for use in execution by a processor to perform the methods' operations and implement the systems described herein.
- computer storage mechanisms e.g., CD-ROM, diskette, RAM, flash memory, computer's hard drive, etc.
- a module or processor includes but is not limited to a unit of code that performs a software operation, and can be implemented for example as a subroutine unit of code, or as a software function unit of code, or as an object (as in an object-oriented paradigm), or as an applet, or in a computer script language, or as another type of computer code.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Theoretical Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
Claims (36)
- Verfahren zum Sichern von Daten in einer Datenspeichervorrichtung (10, 100), die durch ein erstes Passwort gesichert werden kann, wobei die Datenspeichervorrichtung (10, 100) mit einem Inhaltschutzschlüssel K versehen ist, wobei das Verfahren aufweist:Empfangen (225), an der Datenspeichervorrichtung (10, 100), eines öffentlichen Schlüssels B, der aus einem privaten Schlüssel b an einem entfernten Ort (40) erzeugt wird, wobei der private Schlüssel b an dem entfernten Ort (40) gespeichert wird;Erzeugen (235, 240), an der Datenspeichervorrichtung (10, 100), eines privaten Schlüssels d und eines öffentlichen Schlüssels D aus dem privaten Schlüssel d;Erzeugen (250), an der Datenspeichervorrichtung (10, 100), eines Schlüsselverschlüsselungsschlüssels L aus dem privaten Schlüssel d unddem öffentlichen Schlüssel B;Verschlüsseln (260) des Inhaltschutzschlüssels K mit dem Schlüsselverschlüsselungsschlüssel L, um einen ersten verschlüsselten Inhaltschutzschlüssel vorzusehen, Verschlüsseln (255) des Inhaltschutzschlüssels K mit dem ersten Passwort, um einen zweiten verschlüsselten Inhaltschutzschlüssel vorzusehen, und Speichern der ersten und zweiten verschlüsselten Inhaltschutzschlüssel in der Datenspeichervorrichtung (10, 100);Zerstören (265) von d und K an der Datenspeichervorrichtung (10, 100);undWiederherstellen des Schlüsselverschlüsselungsschlüssels L durch:Erzeugen (320, 325), an der Datenspeichervorrichtung, eines Schlüsselwerts r und eines öffentlichen Schlüssels D' aus dem Schlüsselwert r und dem öffentlichen Schlüssel D;Übertragen (330) des öffentlichen Schlüssels D' an den entfernten Ort;Empfangen (355), an der Datenspeichervorrichtung, eines öffentlichen Schlüssels L', der aus dem privaten Schlüssel b und dem öffentlichen Schlüssel D' an dem entfernten Ort erzeugt wird;undErlangen (365), an der Datenspeichervorrichtung, des Schlüsselverschlüsselungsschlüssels L aus einem Inversen r-1 des Schlüsselwerts r und dem öffentlichen Schlüssel L'.
- Verfahren gemäß Anspruch 1, das weiter aufweist ein Verschlüsseln von Inhalt, der in der Datenspeichervorrichtung gespeichert ist, unter Verwendung des Inhaltschutzschlüssels K vor einem Verschlüsseln des Inhaltschutzschlüssels K und Speichern der verschlüsselten Inhaltschutzschlüssel an der Datenspeichervorrichtung.
- Verfahren gemäß Anspruch 1, das weiter aufweist:Empfangen eines eingegebenen Passworts;Bestimmen, dass das eingegebene Passwort mit dem ersten Passwort übereinstimmt, und wenn das eingegebene Passwort mit dem ersten Passwort übereinstimmt,
Entschlüsseln des zweiten verschlüsselten Inhaltschutzschlüssels unter Verwendung des eingegebenen Passworts, um den Inhaltschutzschlüssel K zu erlangen; und
Verwenden des so erlangten Inhaltschutzschlüssels K zum Verschlüsseln von Inhalt zum Speichern in der Datenspeichervorrichtung. - Verfahren gemäß Anspruch 3, das weiter aufweist Verwenden des so erlangten Inhaltschutzschlüssels K zum Entschlüsseln eines verschlüsselten Inhalts, der in der Datenspeichervorrichtung gespeichert ist.
- Verfahren gemäß Anspruch 1, das weiter aufweist Entschlüsseln des ersten verschlüsselten Inhaltschutzschlüssels unter Verwendung des so wiederhergestellten Schlüsselverschlüsselungsschlüssels L, um den Inhaltschutzschlüssel K zu erlangen.
- Verfahren gemäß Anspruch 5, das weiter aufweist:Entschlüsseln von Inhalt, der zuvor verschlüsselt wurde unter Verwendung des Inhaltschutzschlüssels K und in der Datenspeichervorrichtung gespeichert wurde, unter Verwendung des so erlangten Inhaltschutzschlüssels K;Vorsehen eines neuen Inhaltschutzschlüssels K';Verschlüsseln des so entschlüsselten Inhalts unter Verwendung des neuen Inhaltschutzschlüssels K';Verschlüsseln des neuen Inhaltschutzschlüssels K' unter Verwendung des Schlüsselverschlüsselungsschlüssels L, um einen neuen ersten verschlüsselten Inhaltschutzschlüssel vorzusehen, und Verschlüsseln des neuen Inhaltschutzschlüssels K' mit dem ersten Passwort, um einen neuen zweiten verschlüsselten Inhaltschutzschlüssel vorzusehen.
- Verfahren gemäß Anspruch 5, das weiter aufweist:Vorsehen eines neuen Schlüsselverschlüsselungsschlüssels M;Empfangen eines zweiten Passworts;Verschlüsseln des Inhaltschutzschlüssels K unter Verwendung des neuen Schlüsselverschlüsselungsschlüssels M, um einen neuen ersten verschlüsselten Inhaltschutzschlüssel vorzusehen, und Verschlüsseln des Inhaltschutzschlüssels K mit dem zweiten Passwort, um einen neuen zweiten verschlüsselten Inhaltschutzschlüssel vorzusehen.
- Verfahren gemäß Anspruch 7, wobei das Vorsehen eines neuen Schlüsselverschlüsselungsschlüssels M aufweist:Empfangen, an der Datenspeichervorrichtung, eines öffentlichen Schlüssels B1 , der aus einem privaten Schlüssel b1 an dem entfernten Ort erzeugt wird, wobei der private Schlüssel b1 an dem entfernten Ort gespeichert wird;Erzeugen, an der Datenspeichervorrichtung, eines privaten Schlüssels d1 und eines öffentlichen Schlüssels D1 aus dem privaten Schlüssel d1 ;Erzeugen, an der Datenspeichervorrichtung, eines Schlüsselverschlüsselungsschlüssels M aus dem privaten Schlüssel d1 unddem öffentlichen Schlüssel B1 ; undZerstören, an der Datenspeichervorrichtung, von M, d1 und K unter Beibehaltung der neuen ersten und neuen zweiten verschlüsselten Inhaltschutzschlüssel.
- Verfahren gemäß einem der Ansprüche 1 bis 8, das weiter aufweist Empfangen, an der Datenspeichervorrichtung, einer Anforderung für den öffentlichen Schlüssel D' von dem entfernten Ort, vor einem Erzeugen des Schlüsselwerts r und des öffentlichen Schlüssels D'.
- Verfahren gemäß einem der Ansprüche 1 bis 8, das weiter aufweist Empfangen, an der Datenspeichervorrichtung, eines Passwort-Zurücksetzen-Befehls von dem entfernten Ort, vor einem Erzeugen des Schlüsselwerts r und des öffentlichen Schlüssels D'.
- Verfahren gemäß Anspruch 5, das weiter aufweist:Entschlüsseln von Inhalt, der zuvor verschlüsselt wurde unter Verwendung des Inhaltschutzschlüssels K und in der Datenspeichervorrichtung gespeichert wurde, unter Verwendung des so erlangten Inhaltschutzschlüssels K;Vorsehen eines neuen Inhaltschutzschlüssels K';Verschlüsseln des so entschlüsselten Inhalts unter Verwendung des neuen Inhaltschutzschlüssels K';Vorsehen eines neuen Schlüsselverschlüsselungsschlüssels M;Verschlüsseln des neuen Inhaltschutzschlüssels K' unter Verwendung des Passworts, um einen neuen ersten verschlüsselten Inhaltschutzschlüssel vorzusehen, und Verschlüsseln des neuen Inhaltschutzschlüssels K' mit dem neuen Schlüsselverschlüsselungsschlüssel M, um einen neuen zweiten verschlüsselten Inhaltschutzschlüssel vorzusehen.
- Verfahren gemäß Anspruch 11, wobei das Vorsehen eines neuen Schlüsselverschlüsselungsschlüssels M aufweist:Empfangen, an einer Datenspeichervorrichtung, eines öffentlichen Schlüssels B1 , der aus einem privaten Schlüssel b1 an dem entfernten Ort erzeugt wird, wobei der private Schlüssel b1 an dem entfernten Ort gespeichert wird;Erzeugen, an der Datenspeichervorrichtung, eines privaten Schlüssels d1 und eines öffentlichen Schlüssels D1 aus dem privaten Schlüssel d1 ;Erzeugen, an der Datenspeichervorrichtung, eines Schlüsselverschlüsselungsschlüssels M aus dem privaten Schlüssel d1 unddem öffentlichen Schlüssel B1 ; undZerstören, an der Datenspeichervorrichtung, des Schlüsselverschlüsselungsschlüssels M, des privaten Schlüssels d1 unddes neuen Inhaltschutzschlüssels K', unter Beibehaltung der neuen ersten und neuen zweiten verschlüsselten Inhaltschutzschlüssel.
- Verfahren gemäß Anspruch 8 oder Anspruch 12, wobei der öffentliche Schlüssel B auch aus einem vorgegebenen elliptischen Punkt P erzeugt wird, und der öffentliche Schlüssel B1 auch aus einem vorgegebenen elliptischen Punkt P1 erzeugt wird.
- Verfahren gemäß einem der vorhergehenden Ansprüche, das weiter aufweist:Empfangen eines neuen Passworts von dem entfernten Ort;Übertragen des öffentlichen Schlüssels D' an den entfernten Ort, wobei D' = rD;Empfangen, von dem entfernten Ort, des öffentlichen Schlüssels L', wobei L' einen öffentlichen Schlüssel aufweist, der aus dem Schlüsselwert b und dem öffentlichen Schlüssel D' erzeugt wird;Berechnen von r-1 L' zum Ableiten desSchlüsselverschlüsselungsschlüssels L;Entschlüsseln des ersten verschlüsselten Inhaltschutzschlüssels;Ableiten eines neuen Inhaltschutzschlüssels; undVerschlüsseln des neuen Inhaltschutzschlüssels unter Verwendung des neuen Passworts, um einen neuen zweiten verschlüsselten Inhaltschutzschlüssel vorzusehen.
- Verfahren gemäß Anspruch 14, wenn nicht direkt oder indirekt von einem der Ansprüche 7, 8, 12 oder 13 abhängig, das weiter aufweist:Empfangen eines öffentlichen Schlüssels B1 von dem entfernten Ort,wobei der öffentliche Schlüssel B1 aus einem privaten Schlüssel b1 undeinem vorgegebenen elliptischen Punkt P1 an dem entfernten Ort erzeugt wird;Erzeugen eines privaten Schlüssels d1 und eines öffentlichen Schlüssels D1 aus dem privaten Schlüssel d1 und dem vorgegebenen elliptischen Punkt P1 ;Erzeugen eines neuen Schlüsselverschlüsselungsschlüssels M aus dem privaten Schlüssel d1 und dem öffentlichen Schlüssel B1 ;Zerstören des privaten Schlüssels d1 ; undVerschlüsseln des neuen Passworts unter Verwendung des neuen Schlüsselverschlüsselungsschlüssels M.
- Datenspeichervorrichtung (10, 100) zum Speichern von verschlüsselten Daten, wobei die Datenspeichervorrichtung (10, 100) ausgebildet ist, einen Zugriff auf Datenspeichervorrichtungs-Operationen zu ermöglichen bei erfolgreicher Eingabe eines Passworts, wobei die Datenspeichervorrichtung (10, 100) aufweist:einen flüchtigen Speicher (426) zum Speichern von Daten, die zu verschlüsselnde oder entschlüsselnde Daten, Passwörter und Schlüssel aufweisen;einen nicht-flüchtigen Speicher (424) zum Speichern von verschlüsselten Daten und verschlüsselten Schlüsseln; undeinen Prozessor (438), der ausgebildet ist zum:Empfangen von einem entfernten Ort (40) eines öffentlichen Schlüssels B,wobei B = bP, wobei b ein privater Schlüssel ist und P ein vorgegebener elliptischer Punkt ist, Erzeugen eines zufälligen Werts d und temporäres Speichern des zufälligen Werts d in dem flüchtigen oder nicht-flüchtigen Speicher, Berechnen eines öffentlichen Schlüssels D = dP, und Speichern des öffentlichen Schlüssels D in dem nicht-flüchtigen Speicher; Berechnen eines Schlüsselverschlüsselungsschlüssels L = dB, Verschlüsseln eines Inhaltschutzschlüssels K unter Verwendung desSchlüsselverschlüsselungsschlüssels L, Verwenden des Inhaltschutzschlüssels K zum Verschlüsseln und Entschlüsseln von Daten zum Speichern in dem nicht-flüchtigen Speicher, und Verschlüsseln undEntschlüsseln des Inhaltschutzschlüssels K unter Verwendung eines Passworts, das in dem flüchtigen Speicher gespeichert ist; und Löschen des Schlüsselverschlüsselungsschlüssels L, des zufälligen Werts d undunverschlüsselter Kopien des Inhaltschutzschlüssels K; undErzeugen eines zufälligen Werts r und temporäres Speichern des zufälligen Werts r in dem flüchtigen oder nicht-flüchtigen Speicher,Berechnen eines öffentlichen Schlüssels D' = rD, und Übertragen des öffentlichen Schlüssels D' an den entfernten Ort; Empfangen, von dem entfernten Ort, eines öffentlichen Schlüssels L' = bD' und Berechnen von r 1L', wobei r-1 ein Inverses des Schlüsselwerts r ist, um den Schlüsselverschlüsselungsschlüssels L abzuleiten, und Verwenden des so abgeleiteten Schlüsselverschlüsselungsschlüssels L, um den Inhaltschutzschlüssel K zu entschlüsseln.
- Verfahren zum Sichern von Daten in einer Datenspeichervorrichtung (10, 100), die durch ein erstes Passwort gesichert werden kann, wobei die Datenspeichervorrichtung (10, 100) mit einem Inhaltschutzschlüssel K versehen ist, wobei das Verfahren aufweist:Empfangen (225), an der Datenspeichervorrichtung, eines öffentlichen Schlüssels B, der aus einem privaten Schlüssel b an einem entfernten Ort erzeugt wird, wobei der private Schlüssel b an dem entfernten Ort gespeichert wird;Erzeugen (235, 240), an der Datenspeichervorrichtung, eines privaten Schlüssels d und eines öffentlichen Schlüssels D aus dem privaten Schlüssel d;Erzeugen (250), an der Datenspeichervorrichtung, eines Schlüsselverschlüsselungsschlüssels L aus dem privaten Schlüssel d unddem öffentlichen Schlüssel B;Verschlüsseln (255) des Inhaltschutzschlüssels K mit dem ersten Passwort, um einen verschlüsselten Inhaltschutzschlüssel vorzusehen,und Speichern des verschlüsselten Inhaltschutzschlüssels in der Datenspeichervorrichtung;Verschlüsseln des ersten Passworts mit demSchlüsselverschlüsselungsschlüssel L, um ein erstes verschlüsseltes Passwort vorzusehen, und Speichern des verschlüsseltes Passworts in der Datenspeichervorrichtung;Zerstören (265) des privaten Schlüssels d und des unverschlüsselten Inhaltschutzschlüssels K in der Datenspeichervorrichtung; undWiederherstellen des Schlüsselverschlüsselungsschlüssels L durch:Erzeugen (320, 325), an der Datenspeichervorrichtung, eines Schlüsselwerts r und eines öffentlichen Schlüssels D' aus dem Schlüsselwert r und dem öffentlichen Schlüssel D;Übertragen (330) des öffentlichen Schlüssels D' an den entfernten Ort;Empfangen (355), an der Datenspeichervorrichtung, eines öffentlichen Schlüssels L', der aus dem privaten Schlüssel b und dem öffentlichen Schlüssel D' an dem entfernten Ort erzeugt wird;undErlangen (365), an der Datenspeichervorrichtung, des Schlüsselverschlüsselungsschlüssels L aus dem Inversen r-1 des Schlüsselwerts r und dem öffentlichen Schlüssel L'.
- Verfahren gemäß Anspruch 17, das weiter aufweist ein Verschlüsseln von Inhalt, der in der Datenspeichervorrichtung gespeichert ist, unter Verwendung des Inhaltschutzschlüssels K vor einem Verschlüsseln des Inhaltschutzschlüssels K und Speichern der verschlüsselten Inhaltschutzschlüssel an der Datenspeichervorrichtung.
- Verfahren gemäß Anspruch 18, das weiter aufweist:Empfangen eines eingegebenen Passworts;Bestimmen, dass das eingegebene Passwort mit dem ersten Passwort übereinstimmt, und wenn das eingegebene Passwort mit dem ersten Passwort übereinstimmt,Entschlüsseln des verschlüsselten Inhaltschutzschlüssels unter Verwendung des eingegebenen Passworts, um den Inhaltschutzschlüssel K zu erlangen; undVerwenden des so erlangten Inhaltschutzschlüssels K zum Verschlüsseln von Inhalt zum Speichern in der Datenspeichervorrichtung.
- Verfahren gemäß Anspruch 19, das weiter aufweist Verwenden des so erlangten Inhaltschutzschlüssels K zum Entschlüsseln eines verschlüsselten Inhalts, der in der Datenspeichervorrichtung gespeichert ist.
- Verfahren gemäß Anspruch 17, das weiter aufweist Entschlüsseln des ersten verschlüsselten Passworts unter Verwendung des so wiederhergestellten L, um das erste Passwort zu erlangen, und Entschlüsseln des verschlüsselten Inhaltschutzschlüssels unter Verwendung des ersten Passworts, das durch Entschlüsseln des ersten verschlüsselten Passworts erlangt wird, um den Inhaltschutzschlüssel K zu erlangen.
- Verfahren gemäß Anspruch 21, das weiter aufweist:Entschlüsseln von Inhalt, der zuvor verschlüsselt wurde unter Verwendung des Inhaltschutzschlüssels K und in der Datenspeichervorrichtung gespeichert wurde, unter Verwendung des so erlangten Inhaltschutzschlüssels K;Vorsehen eines neuen Inhaltschutzschlüssels K';Verschlüsseln des so entschlüsselten Inhalts unter Verwendung des neuen Inhaltschutzschlüssels K';Verschlüsseln des neuen Inhaltschutzschlüssels K' unter Verwendung des ersten Passworts, um einen neuen verschlüsselten Inhaltschutzschlüssel vorzusehen.
- Verfahren gemäß Anspruch 21, das weiter aufweist:Vorsehen eines neuen Schlüsselverschlüsselungsschlüssels M;Empfangen eines zweiten Passworts;Verschlüsseln des so erlangten Inhaltschutzschlüssels K unter Verwendung des zweiten Passworts, um einen neuen verschlüsselten Inhaltschutzschlüssel vorzusehen, und Verschlüsseln des zweiten Passworts unter Verwendung des neuenSchlüsselverschlüsselungsschlüssels M, um ein zweites verschlüsseltes Passwort vorzusehen.
- Verfahren gemäß Anspruch 23, wobei das Vorsehen eines neuen Schlüsselverschlüsselungsschlüssels M aufweist:Empfangen, an der Datenspeichervorrichtung, eines öffentlichen Schlüssels B1 , der aus einem privaten Schlüssel b1 an dem entfernten Ort erzeugt wird, wobei der private Schlüssel b1 an dem entfernten Ort gespeichert wird;Erzeugen, an der Datenspeichervorrichtung, eines privaten Schlüssels d1 und eines öffentlichen Schlüssels D1 aus dem privaten Schlüssel d1 ;Erzeugen, an der Datenspeichervorrichtung, eines Schlüsselverschlüsselungsschlüssels M aus dem privaten Schlüssel d1 unddem öffentlichen Schlüssel B1 ; undZerstören des privaten Schlüssels d1 , Zerstören des Inhaltschutzschlüssels K, nachdem der neue verschlüsselte Inhaltschutzschlüssel vorgesehen ist,und Zerstören des Schlüsselverschlüsselungsschlüssels M, nachdem das zweite verschlüsselte Passwort vorgesehen ist, an der Datenspeichervorrichtung.
- Verfahren gemäß einem der Ansprüche 17 bis 24, das weiter aufweist Empfangen, an der Datenspeichervorrichtung (10, 100), einer Anforderung für den öffentlichen Schlüssel D' von dem entfernten Ort (40), vor einem Erzeugen des Schlüsselwerts r und des öffentlichen Schlüssels D'.
- Verfahren gemäß einem der Ansprüche 17 bis 24, das weiter aufweist Empfangen, an der Datenspeichervorrichtung, eines Passwort-Zurücksetzen-Befehls von dem entfernten Ort, vor einem Erzeugen des Schlüsselwerts r und des öffentlichen Schlüssels D'.
- Verfahren gemäß Anspruch 21, das weiter aufweist:Entschlüsseln von Inhalt, der zuvor verschlüsselt wurde unter Verwendung des Inhaltschutzschlüssels K und in der Datenspeichervorrichtung gespeichert wurde, unter Verwendung des so erlangten Inhaltschutzschlüssels K;Vorsehen eines neuen Inhaltschutzschlüssels K';Verschlüsseln des so entschlüsselten Inhalts unter Verwendung des neuen Inhaltschutzschlüssels K';Vorsehen eines neuen Schlüsselverschlüsselungsschlüssels M;Verschlüsseln des neuen Inhaltschutzschlüssels K' unter Verwendung des Passworts, um einen neuen verschlüsselten Inhaltschutzschlüssel vorzusehen, und Verschlüsseln des ersten Passworts mit dem neuen Schlüsselverschlüsselungsschlüssel M, um ein neues erstes verschlüsseltes Passwort vorzusehen.
- Verfahren gemäß Anspruch 27, wobei das Vorsehen eines neuen Schlüsselverschlüsselungsschlüssels M aufweist:Empfangen, an der Datenspeichervorrichtung, eines öffentlichen Schlüssels B1 , der aus einem privaten Schlüssel b1 an dem entfernten Ort erzeugt wird, wobei der private Schlüssel b1 an dem entfernten Ort gespeichert wird;Erzeugen, an der Datenspeichervorrichtung, eines privaten Schlüssels d1 und eines öffentlichen Schlüssels D1 aus dem privaten Schlüssel d1 ;Erzeugen, an der Datenspeichervorrichtung, eines Schlüsselverschlüsselungsschlüssels M aus dem privaten Schlüssel d1 und dem öffentlichen Schlüssel B1 ; undZerstören des privaten Schlüssels d1, Zerstören des neuen Inhaltschutzschlüssels K', nachdem der neue verschlüsselte Inhaltschutzschlüssel vorgesehen ist, und Zerstören des Schlüsselverschlüsselungsschlüssels M, nachdem das neue erste verschlüsselte Passwort vorgesehen ist, an der Datenspeichervorrichtung.
- Verfahren gemäß Anspruch 24 oder Anspruch 28, wobei der öffentliche Schlüssel B auch aus einem vorgegebenen elliptischen Punkt P erzeugt wird, und der öffentliche Schlüssel B1 auch aus einem vorgegebenen elliptischen Punkt P1 erzeugt wird.
- Verfahren gemäß einem der Ansprüche 17 bis 29, das weiter aufweist:Empfangen, an der Datenspeichervorrichtung (10, 100), eines zweiten Passworts von dem entfernten Ort;Übertragen des öffentlichen Schlüssels D' an den entfernten Ort, wobei D' = rD;Empfangen, von dem entfernten Ort, des öffentlichen Schlüssels L', wobei der öffentliche Schlüssel L' einen öffentlichen Schlüssel aufweist, der aus dem Schlüsselwert b und dem öffentlichen Schlüssel D' erzeugt wird;Berechnen von r-1 L', wobei r-1 ein Inverses des Schlüsselwerts r ist, zum Ableiten des Schlüsselverschlüsselungsschlüssels L;Entschlüsseln des ersten verschlüsselten Passworts, um ein entschlüsseltes erstes Passwort zu erlangen;Entschlüsseln des verschlüsselten Inhaltschutzschlüssels unter Verwendung des entschlüsselten ersten Passworts;Ableiten eines neuen Inhaltschutzschlüssels; undVerschlüsseln des neuen Inhaltschutzschlüssels unter Verwendung des zweiten Passworts, um einen neuen verschlüsselten Inhaltschutzschlüssel vorzusehen.
- Verfahren gemäß Anspruch 30, wenn nicht direkt oder indirekt von einem der Ansprüche 23, 24, 27, 28 oder 29 abhängig, das weiter aufweist:Ableiten eines neuen Schlüsselverschlüsselungsschlüssels M durch:Empfangen eines öffentlichen Schlüssels B1 , der aus einem privaten Schlüssel b1 und einem vorgegebenen elliptischen Punkt P1 an dem entfernten Ort erzeugt wird, wobei der private Schlüssel b1 an dem entfernten Ort gespeichert wird;Erzeugen eines privaten Schlüssels d1 und eines öffentlichen Schlüssels D1 aus dem privaten Schlüssel d1 und dem vorgegebenen elliptischen Punkt P1 ;Erzeugen des neuen Schlüsselverschlüsselungsschlüssels M aus dem privaten Schlüssel d1 und dem öffentlichen Schlüssel B1 ; undZerstören des privaten Schlüssels d1 ; undVerschlüsseln des zweiten Passworts unter Verwendung des neuen Schlüsselverschlüsselungsschlüssels M.
- Computerlesbares Medium, das Code aufweist, der durch eine Computervorrichtung (40) ausführbar ist zum Ausführen des Verfahrens gemäß einem der Ansprüche 1 bis 15 oder 17 bis 31.
- Datenspeichervorrichtung (10, 100) zum Speichern von verschlüsselten Daten, wobei die Datenspeichervorrichtung ausgebildet ist, einen Zugriff auf Datenspeichervorrichtungs-Operationen zu ermöglichen bei erfolgreicher Eingabe eines Passworts, wobei die Datenspeichervorrichtung (10, 100) aufweist:einen flüchtigen Speicher (426) zum Speichern von Daten, die zu verschlüsselnde oder entschlüsselnde Daten, Passwörter und Schlüssel aufweisen;einen nicht-flüchtigen Speicher (424) zum Speichern von verschlüsselten Daten und verschlüsselten Schlüsseln; undeinen Prozessor (438), der ausgebildet ist zum:Empfangen von einem entfernten Ort (40) eines öffentlichen Schlüssels B, wobei B = bP, wobei b ein privater Schlüssel ist und P ein vorgegebener elliptischer Punkt ist, Erzeugen eines zufälligen Werts d und temporäres Speichern des zufälligen Werts d in einem flüchtigen oder nicht-flüchtigen Speicher, Berechnen eines öffentlichen Schlüssels D = dP, und Speichern des öffentlichen Schlüssels D in dem nicht-flüchtigen Speicher; Berechnen eines Schlüsselverschlüsselungsschlüssels L = dB, Verschlüsseln eines Inhaltschutzschlüssels K unter Verwendung eines von einem Benutzer eingegebenen Passworts, Verschlüsseln des von einem Benutzer eingegebenen Passworts unter Verwendung des Schlüsselverschlüsselungsschlüssels L, Verwenden des Inhaltschutzschlüssels K zum Verschlüsseln und Entschlüsseln von Daten zum Speichern in dem nicht-flüchtigen Speicher; und Löschen des zufälligen Werts d und unverschlüsselter Kopien des Inhaltschutzschlüssels K; und
Erzeugen eines zufälligen Werts r und temporäres Speichern von r in einem flüchtigen oder nicht-flüchtigen Speicher, Berechnen eines öffentlichen Schlüssels D' = rD, und Übertragen des öffentlichen Schlüssels D' an den entfernten Ort; Empfangen von dem entfernten Ort eines öffentlichen Schlüssels L' = bD' und Berechnen von r-1L', wobei r-1 ein Inverses von r ist, um den Schlüsselverschlüsselungsschlüssel L abzuleiten, und Verwenden des so abgeleiteten Schlüsselverschlüsselungsschlüssels L, um das verschlüsselte, von einem Benutzer eingegebene Passwort zu entschlüsseln. - Datenspeichervorrichtung (10, 100) gemäß Anspruch 16 oder Anspruch 33, wobei die Datenspeichervorrichtung eine mobile Kommunikationsvorrichtung ist.
- Datenspeichervorrichtung (10, 100) gemäß Anspruch 16 oder Anspruch 33, wobei die Datenspeichervorrichtung ein Personalcomputer ist.
- Verfahren gemäß Anspruch 13 oder Anspruch 29, wobei der vorgegebene elliptische Punkt P1 derselbe ist wie der vorgegebene elliptische Punkt P.
Priority Applications (7)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP06113904A EP1855414B1 (de) | 2006-05-13 | 2006-05-13 | System und Verfahren zum fernbedienten Zurücksetzen von Kennwort und kryptografischem Schlüssel |
ES06113904T ES2383607T3 (es) | 2006-05-13 | 2006-05-13 | Sistema y método para la reinicialización remota de contraseña y de clave de cifrado |
AT06113904T ATE549813T1 (de) | 2006-05-13 | 2006-05-13 | System und verfahren zum fernbedienten zurücksetzen von kennwort und kryptografischem schlüssel |
EP10185150.9A EP2339776B1 (de) | 2006-05-13 | 2006-05-13 | System und Verfahren zum fernbedienten Zurücksetzen von Kennwort und kryptografischem Schlüssel |
EP10185157.4A EP2365660B1 (de) | 2006-05-13 | 2006-05-13 | System und Verfahren zum fernbedienten Zurücksetzen von Kennwort und kryptografischem Schlüssel |
CA2588309A CA2588309C (en) | 2006-05-13 | 2007-05-11 | System and method for remote reset of password and encryption key |
CA2826837A CA2826837C (en) | 2006-05-13 | 2007-05-11 | System and method for remote reset of password and encrytion key |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP06113904A EP1855414B1 (de) | 2006-05-13 | 2006-05-13 | System und Verfahren zum fernbedienten Zurücksetzen von Kennwort und kryptografischem Schlüssel |
Related Child Applications (4)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP10185157.4A Division EP2365660B1 (de) | 2006-05-13 | 2006-05-13 | System und Verfahren zum fernbedienten Zurücksetzen von Kennwort und kryptografischem Schlüssel |
EP10185150.9A Division EP2339776B1 (de) | 2006-05-13 | 2006-05-13 | System und Verfahren zum fernbedienten Zurücksetzen von Kennwort und kryptografischem Schlüssel |
EP10185150.9 Division-Into | 2010-10-01 | ||
EP10185157.4 Division-Into | 2010-10-01 |
Publications (2)
Publication Number | Publication Date |
---|---|
EP1855414A1 EP1855414A1 (de) | 2007-11-14 |
EP1855414B1 true EP1855414B1 (de) | 2012-03-14 |
Family
ID=36968686
Family Applications (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP06113904A Active EP1855414B1 (de) | 2006-05-13 | 2006-05-13 | System und Verfahren zum fernbedienten Zurücksetzen von Kennwort und kryptografischem Schlüssel |
EP10185157.4A Active EP2365660B1 (de) | 2006-05-13 | 2006-05-13 | System und Verfahren zum fernbedienten Zurücksetzen von Kennwort und kryptografischem Schlüssel |
EP10185150.9A Active EP2339776B1 (de) | 2006-05-13 | 2006-05-13 | System und Verfahren zum fernbedienten Zurücksetzen von Kennwort und kryptografischem Schlüssel |
Family Applications After (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP10185157.4A Active EP2365660B1 (de) | 2006-05-13 | 2006-05-13 | System und Verfahren zum fernbedienten Zurücksetzen von Kennwort und kryptografischem Schlüssel |
EP10185150.9A Active EP2339776B1 (de) | 2006-05-13 | 2006-05-13 | System und Verfahren zum fernbedienten Zurücksetzen von Kennwort und kryptografischem Schlüssel |
Country Status (4)
Country | Link |
---|---|
EP (3) | EP1855414B1 (de) |
AT (1) | ATE549813T1 (de) |
CA (2) | CA2826837C (de) |
ES (1) | ES2383607T3 (de) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7522723B1 (en) | 2008-05-29 | 2009-04-21 | Cheman Shaik | Password self encryption method and system and encryption by keys generated from personal secret information |
AU2009292991B2 (en) | 2008-09-22 | 2015-05-21 | Visa International Service Association | Over the air management of payment application installed in mobile device |
US8763112B2 (en) * | 2011-07-02 | 2014-06-24 | Intel Corporation | Systems and methods for power-on user authentication |
TWI476629B (zh) * | 2012-12-26 | 2015-03-11 | Chunghwa Telecom Co Ltd | Data security and security systems and methods |
US9258121B2 (en) | 2014-06-20 | 2016-02-09 | Gemalto Sa | Method to manage modification of encryption credentials |
CN106302335B (zh) * | 2015-05-22 | 2020-02-07 | 杭州海康威视数字技术股份有限公司 | 网络监控设备及重置其密码的方法、装置和系统、服务器 |
KR102398167B1 (ko) * | 2015-07-02 | 2022-05-17 | 삼성전자주식회사 | 사용자 장치, 그것의 패스워드 설정 방법, 그리고 그것의 패스워드를 설정하고 확인하는 동작 방법 |
US10454900B2 (en) * | 2015-09-25 | 2019-10-22 | Mcafee, Llc | Remote authentication and passwordless password reset |
US10083325B2 (en) * | 2015-11-16 | 2018-09-25 | The Boeing Company | Secure removable storage for aircraft systems |
US11887112B2 (en) * | 2019-01-03 | 2024-01-30 | American Express Travel Related Services Company, Inc | Hybrid identity as a service for decentralized browser based wallets |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5768373A (en) * | 1996-05-06 | 1998-06-16 | Symantec Corporation | Method for providing a secure non-reusable one-time password |
GB2350981A (en) * | 1999-06-11 | 2000-12-13 | Int Computers Ltd | Cryptographic key recovery |
EP1079565A3 (de) * | 1999-08-25 | 2003-04-02 | Activcard Ireland Limited | Verfahren zum sicheren Aufbau einer sicheren Verbindung über ein unsicheres Kommunikationsnetzwerk |
US8332650B2 (en) * | 2002-03-22 | 2012-12-11 | Microsoft Corporation | Systems and methods for setting and resetting a password |
CN1745555B (zh) * | 2003-02-28 | 2011-05-11 | 捷讯研究有限公司 | 保护通信设备上的数据的系统和方法 |
-
2006
- 2006-05-13 EP EP06113904A patent/EP1855414B1/de active Active
- 2006-05-13 ES ES06113904T patent/ES2383607T3/es active Active
- 2006-05-13 EP EP10185157.4A patent/EP2365660B1/de active Active
- 2006-05-13 AT AT06113904T patent/ATE549813T1/de active
- 2006-05-13 EP EP10185150.9A patent/EP2339776B1/de active Active
-
2007
- 2007-05-11 CA CA2826837A patent/CA2826837C/en active Active
- 2007-05-11 CA CA2588309A patent/CA2588309C/en active Active
Also Published As
Publication number | Publication date |
---|---|
EP2365660B1 (de) | 2016-02-17 |
CA2588309C (en) | 2014-05-06 |
EP1855414A1 (de) | 2007-11-14 |
CA2588309A1 (en) | 2007-11-13 |
EP2339776A1 (de) | 2011-06-29 |
ES2383607T3 (es) | 2012-06-22 |
ATE549813T1 (de) | 2012-03-15 |
EP2339776B1 (de) | 2018-02-28 |
CA2826837C (en) | 2016-02-16 |
EP2365660A1 (de) | 2011-09-14 |
CA2826837A1 (en) | 2007-11-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9425957B2 (en) | System and method for remote reset of password and encryption key | |
EP1855414B1 (de) | System und Verfahren zum fernbedienten Zurücksetzen von Kennwort und kryptografischem Schlüssel | |
US10439811B2 (en) | Method for securing a private key on a mobile device | |
EP1933249B1 (de) | System und Verfahren zum Löschen und Sperren eines entfernten Geräts | |
US8856511B2 (en) | System and method for wiping and disabling a removed device | |
US8838975B2 (en) | System and method for protecting a password against brute force attacks | |
US8462955B2 (en) | Key protectors based on online keys | |
JP2008533882A (ja) | 暗号化キーをバックアップ及び復元する方法 | |
US7913096B2 (en) | Method and system for the cipher key controlled exploitation of data resources, related network and computer program products | |
WO2015108418A1 (en) | Secure login without passwords | |
US11468177B2 (en) | Apparatus and method for encrypting data in a data storage system | |
US20230269078A1 (en) | Key sharing method, key sharing system, authenticating device, authentication target device, recording medium, and authentication method | |
US20150026783A1 (en) | Wireless authentication system and wireless authentication method | |
CN104767766A (zh) | 一种Web Service接口验证方法、Web Service服务器、客户端 | |
CN115150180A (zh) | 存储设备管理方法、存储设备、管理设备及存储介质 | |
JP2007104118A (ja) | 秘密情報の保護方法及び通信装置 | |
US8842827B2 (en) | Mobile phone aided operations system and method | |
CN101159542B (zh) | 在终端网络设备上保存和获取鉴权参数的方法及系统 | |
CA2566253C (en) | System and method for protecting a password against brute force attacks | |
CN112615827A (zh) | 安全账号的使用方法、设备和存储介质 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR |
|
AX | Request for extension of the european patent |
Extension state: AL BA HR MK YU |
|
17P | Request for examination filed |
Effective date: 20060517 |
|
17Q | First examination report despatched |
Effective date: 20080516 |
|
AKX | Designation fees paid |
Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR |
|
AXX | Extension fees paid |
Extension state: YU Payment date: 20060517 Extension state: MK Payment date: 20060517 Extension state: HR Payment date: 20060517 Extension state: AL Payment date: 20060517 Extension state: BA Payment date: 20060517 |
|
GRAP | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOSNIGR1 |
|
GRAS | Grant fee paid |
Free format text: ORIGINAL CODE: EPIDOSNIGR3 |
|
GRAA | (expected) grant |
Free format text: ORIGINAL CODE: 0009210 |
|
AK | Designated contracting states |
Kind code of ref document: B1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR |
|
AX | Request for extension of the european patent |
Extension state: AL BA HR MK YU |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: FG4D |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: EP Ref country code: AT Ref legal event code: REF Ref document number: 549813 Country of ref document: AT Kind code of ref document: T Effective date: 20120315 |
|
REG | Reference to a national code |
Ref country code: IE Ref legal event code: FG4D |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R096 Ref document number: 602006028139 Country of ref document: DE Effective date: 20120510 |
|
REG | Reference to a national code |
Ref country code: NL Ref legal event code: T3 |
|
REG | Reference to a national code |
Ref country code: ES Ref legal event code: FG2A Ref document number: 2383607 Country of ref document: ES Kind code of ref document: T3 Effective date: 20120622 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: LT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120314 |
|
LTIE | Lt: invalidation of european patent or patent extension |
Effective date: 20120314 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: LV Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120314 Ref country code: GR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120615 Ref country code: FI Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120314 |
|
REG | Reference to a national code |
Ref country code: AT Ref legal event code: MK05 Ref document number: 549813 Country of ref document: AT Kind code of ref document: T Effective date: 20120314 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: CY Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120314 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: CZ Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120314 Ref country code: SE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120314 Ref country code: RO Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120314 Ref country code: PL Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120314 Ref country code: BE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120314 Ref country code: SI Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120314 Ref country code: IS Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120714 Ref country code: EE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120314 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: SK Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120314 Ref country code: PT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120716 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: MC Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20120531 |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: PL |
|
PLBE | No opposition filed within time limit |
Free format text: ORIGINAL CODE: 0009261 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: CH Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20120531 Ref country code: LI Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20120531 Ref country code: DK Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120314 Ref country code: AT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120314 |
|
26N | No opposition filed |
Effective date: 20121217 |
|
REG | Reference to a national code |
Ref country code: IE Ref legal event code: MM4A |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: IT Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120314 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R097 Ref document number: 602006028139 Country of ref document: DE Effective date: 20121217 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: IE Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20120513 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: BG Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120614 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: TR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20120314 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: LU Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20120513 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: HU Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20060513 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R082 Ref document number: 602006028139 Country of ref document: DE Representative=s name: MERH-IP MATIAS ERNY REICHL HOFFMANN, DE |
|
REG | Reference to a national code |
Ref country code: ES Ref legal event code: PC2A Owner name: BLACKBERRY LIMITED Effective date: 20141016 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R081 Ref document number: 602006028139 Country of ref document: DE Owner name: BLACKBERRY LIMITED, WATERLOO, CA Free format text: FORMER OWNER: RESEARCH IN MOTION LTD., WATERLOO, ONTARIO, CA Effective date: 20120316 Ref country code: DE Ref legal event code: R081 Ref document number: 602006028139 Country of ref document: DE Owner name: BLACKBERRY LIMITED, WATERLOO, CA Free format text: FORMER OWNER: RESEARCH IN MOTION LIMITED, WATERLOO, ONTARIO, CA Effective date: 20140925 Ref country code: DE Ref legal event code: R082 Ref document number: 602006028139 Country of ref document: DE Representative=s name: MERH-IP MATIAS ERNY REICHL HOFFMANN, DE Effective date: 20140925 Ref country code: DE Ref legal event code: R082 Ref document number: 602006028139 Country of ref document: DE Representative=s name: MERH-IP MATIAS ERNY REICHL HOFFMANN PATENTANWA, DE Effective date: 20140925 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 11 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 12 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: PLFP Year of fee payment: 13 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: NL Payment date: 20230526 Year of fee payment: 18 Ref country code: FR Payment date: 20230525 Year of fee payment: 18 Ref country code: ES Payment date: 20230601 Year of fee payment: 18 Ref country code: DE Payment date: 20230530 Year of fee payment: 18 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: GB Payment date: 20230529 Year of fee payment: 18 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R082 Ref document number: 602006028139 Country of ref document: DE Ref country code: DE Ref legal event code: R081 Ref document number: 602006028139 Country of ref document: DE Owner name: MALIKIE INNOVATIONS LTD., IE Free format text: FORMER OWNER: BLACKBERRY LIMITED, WATERLOO, ONTARIO, CA |